AfterShip Tracking – All-In-One WooCommerce Order Tracking (Free plan available) Security & Risk Analysis

The AfterShip WooCommerce Tracking plugin, version 1.18.1, exhibits a mixed security posture. While it demonstrates good practices such as using prepared statements for all SQL queries and a high percentage of properly escaped output, significant concerns arise from its extensive attack surface and authorization checks. The plugin exposes 22 AJAX handlers, with a striking 20 of them lacking any authentication or authorization checks. This represents a substantial risk, as unauthenticated users could potentially interact with these endpoints, leading to unintended consequences or further exploitation. Although the taint analysis reveals no critical or high severity vulnerabilities, and there are no currently unpatched CVEs, the pattern of past vulnerabilities, specifically missing authorization, combined with the current lack of auth checks on numerous AJAX endpoints, suggests a recurring weakness that attackers could leverage. The presence of one medium severity CVE in its history, even if patched, highlights a past incident related to authorization, reinforcing the concern. The plugin's strengths lie in its secure handling of database interactions and output sanitization, but these are overshadowed by the critical flaw of exposed, unprotected AJAX endpoints. This necessitates immediate attention to implement proper authorization checks across all AJAX handlers to mitigate potential security risks.